v5:database:text
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
database:text [2015/10/10 02:49] – mnewnham | v5:database:text [2018/07/01 22:45] – prefer functions start lowercase (#430) peterdd | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Plain Text ====== | ====== Plain Text ====== | ||
+ | <WRAP alert> | ||
+ | This driver is broken in ADOdb version 5 when used with PHP version 5.3 and up. This is due to the fact that the **execute** method has a non-compliant 3rd argument to it. Absent any user requests, this driver will be removed in ADOdb version 6. | ||
+ | </ | ||
===== Description ===== | ===== Description ===== | ||
- | The '' | + | The '' |
------------------- | ------------------- | ||
- | <WRAP right box> | + | <WRAP right box 400px> |
== Syntax == | == Syntax == | ||
object connect( | object connect( | ||
Line 16: | Line 19: | ||
This is a 2 dimensional array of data. Optionally, The first row may contain the column names. If column names are not defined in first row, they must be defined in the third argument $columnNames. | This is a 2 dimensional array of data. Optionally, The first row may contain the column names. If column names are not defined in first row, they must be defined in the third argument $columnNames. | ||
==== $dataTypes ==== | ==== $dataTypes ==== | ||
- | The optional parameter $dataTypes provides an array of [[reference: | + | The optional parameter $dataTypes provides an array of [[v5: |
+ | ---------------------- | ||
+ | <WRAP right info 400px> | ||
+ | Column names, whether provided in the first row of data or in the '' | ||
+ | </ | ||
==== $columnNames ==== | ==== $columnNames ==== | ||
- | If the first row of the data array is not column names, the $column names parameter must provide a list of column names | + | If the first row of the data array is not column names, the '' |
If provided, the number of columns in the 2< | If provided, the number of columns in the 2< | ||
+ | ---------------------------- | ||
+ | <WRAP right box 400px> | ||
+ | == Syntax == | ||
+ | mixed execute( | ||
+ | string $sql | ||
+ | | ||
+ | | ||
+ | ) | ||
+ | </ | ||
+ | ===== execute ===== | ||
+ | The execute() method will return a recordset. The recordset works like a normal recordset. | ||
+ | |||
+ | There is partial support for SQL parsing. We process the SQL using the following rules: | ||
+ | - SQL order by's always work for the first column ordered. Subsequent cols are ignored | ||
+ | - All operations take place on the same table. In fact the FROM clause is ignored, You can use any name for the table. | ||
+ | |||
+ | - To simplify code, all columns are returned, except when selecting 1 column | ||
+ | |||
+ | <code php> | ||
+ | $rs = $db-> | ||
+ | $rs = $db-> | ||
+ | // sql accepted and processed -- any table name is accepted | ||
+ | $rs = $db-> | ||
+ | // sql accepted and processed | ||
+ | </ | ||
+ | Where clauses are ignored, but searching with the 3rd parameter of Execute is permitted. | ||
+ | |||
+ | ------------------------ | ||
+ | <WRAP right important 400px> | ||
+ | Using eval may make code susceptible to SQL injection attacks | ||
+ | </ | ||
+ | ==== Using an eval statement ==== | ||
+ | The 3rd argument to '' | ||
+ | --------------------- | ||
+ | <code php> | ||
+ | $rs = $db-> | ||
+ | |||
+ | /* | ||
+ | * the 3rd param is searched -- make sure that $COL1 is a legal column name | ||
+ | */ | ||
+ | </ | ||
+ | |||
+ | |||
+ | |||
+ | ===== Limitations ===== | ||
+ | The following SQL operations are not supported: | ||
+ | * Group by, having, other clauses | ||
+ | * Expression columns such as min(), max() | ||
+ | * Joins are not permitted | ||
+ | |||
+ | ===== Usage ===== | ||
+ | <code php> | ||
+ | include ' | ||
+ | |||
+ | $data = | ||
+ | array(0=> | ||
+ | 1=> | ||
+ | 2=> | ||
+ | 3=> | ||
+ | 4=> | ||
+ | 5=> | ||
+ | ); | ||
+ | |||
+ | $cols = array(' | ||
+ | $metaTypes = array(' | ||
+ | |||
+ | $db = ADOnewConnection(' | ||
+ | |||
+ | |||
+ | $db-> | ||
+ | |||
+ | $sql = ' | ||
+ | |||
+ | $result = $db-> | ||
- | The Execute() function will return a recordset. The recordset works like a normal recordset. | + | while ($r = $result->fetchRow()) |
- | We have partial support for SQL parsing. We process the SQL using the following rules: | + | |
- | 1. SQL order by's always work for the first column ordered. Subsequent cols are ignored | + | |
- | 2. All operations take place on the same table. No joins possible. In fact the FROM clause | + | |
- | is ignored! You can use any name for the table. | + | |
- | 3. To simplify code, all columns are returned, except when selecting 1 column | + | |
- | $rs = $db->Execute(' | + | |
- | We special case handling of 1 column because it is used in filter popups | + | |
- | $rs = $db-> | + | |
- | // sql accepted and processed -- any table name is accepted | + | |
- | $rs = $db-> | + | |
- | // sql accepted and processed | + | |
- | 4. Where clauses are ignored, but searching with the 3rd parameter of Execute is permitted. | + | |
- | This has to use PHP syntax and we will eval() it. You can even use PHP functions. | + | |
- | $rs = $db-> | + | |
- | // the 3rd param is searched -- make sure that $COL1 is a legal column name | + | |
- | // and all column names must be in upper case. | + | |
- | 4. Group by, having, other clauses are ignored | + | |
- | 5. Expression columns, min(), max() are ignored | + | |
- | 6. All data is readonly. Only SELECTs permitted. | + | |
- | $db = NewADOConnection(' | + | </ |
v5/database/text.txt · Last modified: 2020/01/13 13:17 by dregad